Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+

33 advisories

Loading
IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an unauthenticated user... Critical Unreviewed
CVE-2025-13375 was published Feb 4, 2026
A vulnerability has been identified in the ServiceNow AI Platform that could enable an... Critical Unreviewed
CVE-2025-12420 was published Jan 13, 2026
NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with... Critical Unreviewed
CVE-2025-33224 was published Dec 23, 2025
NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with... Critical Unreviewed
CVE-2025-33223 was published Dec 23, 2025
Neuron MySQLWriteTool allows arbitrary/destructive SQL when exposed to untrusted prompts (agent “footgun”) Critical
CVE-2025-67510 was published for neuron-core/neuron-ai (Composer) Dec 9, 2025
siewer
Credited to siewer
Nagios Log Server versions prior to 2024R2.0.3 contain an execution with unnecessary privileges... Critical Unreviewed
CVE-2025-34274 was published Oct 31, 2025
An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network... Critical Unreviewed
CVE-2025-6949 was published Oct 17, 2025
An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network... Critical Unreviewed
CVE-2025-6893 was published Oct 17, 2025
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an execution with unnecessary... Critical Unreviewed
CVE-2025-34515 was published Oct 16, 2025
IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11... Critical Unreviewed
CVE-2025-36356 was published Oct 6, 2025
An issue discovered in the Tuya Smart Life App 5.6.1 allows attackers to unprivileged control... Critical Unreviewed
CVE-2025-56557 was published Sep 16, 2025
An issue in Online Library Management System v.3.0 allows an attacker to escalate privileges via... Critical Unreviewed
CVE-2025-57119 was published Sep 16, 2025
Due to a missing authentication check in the SAP NetWeaver application on IBM i-series, the... Critical Unreviewed
CVE-2025-42958 was published Sep 9, 2025
Argo Events users can gain privileged access to the host system and cluster with EventSource and Sensor CR Critical
CVE-2025-32445 was published for github.com/argoproj/argo-events (Go) Apr 14, 2025
thevilledev
Credited to thevilledev
The SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers... Critical Unreviewed
CVE-2025-3364 was published Apr 8, 2025
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0... Critical Unreviewed
CVE-2024-7102 was published Feb 13, 2025
Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The... Critical Unreviewed
CVE-2024-8767 was published Sep 17, 2024
A vulnerability has been identified in SIMATIC BATCH V9.1 (All versions), SIMATIC Information... Critical Unreviewed
CVE-2024-35783 was published Sep 10, 2024
A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account... Critical Unreviewed
CVE-2024-42024 was published Sep 7, 2024
Execution with unnecessary privileges in PerkinElmer ProcessPlus allows an attacker to spawn a... Critical Unreviewed
CVE-2024-6913 was published Jul 22, 2024
A vulnerability in APIML Spring Cloud Gateway which leverages user privileges by unexpected... Critical Unreviewed
CVE-2024-6834 was published Jul 17, 2024
Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS... Critical Unreviewed
CVE-2024-3330 was published Jun 27, 2024
Toshiba printers use SNMP for configuration. Using the private community, it is possible to... Critical Unreviewed
CVE-2024-27143 was published Jun 14, 2024
An Insecure Direct Object Reference (IDOR) vulnerability exists in the lunary-ai/lunary... Critical Unreviewed
CVE-2024-1626 was published Apr 16, 2024
An issue in Notion for macOS version 3.1.0 and before, allows remote attackers to execute... Critical Unreviewed
CVE-2024-23743 was published Jan 28, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database